Browse docs

Reference

Privacy & security

What we collect, what we don't, and how to honor your visitors' privacy.

What we don't do

  • By default, we don't track anonymous traffic. Unless you opt into anonymous tracking, a visitor who lands without a tracked link or merge-tag URL is invisible to LeadLens.
  • We don't capture form data. Form inputs are masked at capture time, so the actual characters typed never leave the browser.
  • We don't sell or share data. Session data is visible only to logged-in members of your workspace.
  • We don't use third-party cookies. Identity travels in the tracked link or merge-tag URL itself, not in a cross-site cookie.
  • We don't store CRM passwords or API keys in plaintext. OAuth tokens for CRM integrations are encrypted at rest with a workspace-scoped key.

What we do collect

  • The contact identity passed in through the tracked link.
  • The URL, title, and referrer of each pageview.
  • A masked screen recording of what was on the page.
  • Sampled mouse movement and clicks. What got clicked, not what got typed.
  • A coarse browser/OS string, for diagnostics.
  • Optional, off by default: approximate location (country, region, city) derived from the visitor's IP address at the network edge. Workspace admins can enable this from Settings → Show visitor location.

We do not store IP addresses or browser fingerprinting signals. When the location toggle is on, the IP is read transiently from edge headers solely to look up country/region/city — the raw IP is never persisted.

Telling your visitors

It's worth mentioning LeadLens in your privacy policy or cookie notice. At minimum: that you record sessions for visitors arriving via tracked links. A short paragraph is enough. We can share boilerplate on request.

Masking custom content

Add the attribute data-ll-mask to any element to redact its contents in the recording. Useful for:

  • Order totals or invoice amounts.
  • Customer-specific identifiers shown in dashboards.
  • Any element where the rendered text is sensitive.

Data security

  • All connections are encrypted in transit (TLS).
  • Session data is scoped to your workspace. No other customer can see it.
  • Recordings are served via short-lived signed URLs, only to logged-in workspace members.

Deleting data

  • Delete a contact. All their sessions, recordings, and AI insights are removed.
  • Delete a workspace (Settings → Danger zone). Everything is removed and not recoverable.
  • Need a one-off purge for a specific visitor email? Email hello@tryleadlens.com.